Github user jburwell commented on a diff in the pull request: https://github.com/apache/cloudstack/pull/801#discussion_r43043089 --- Diff: plugins/network-elements/nuage-vsp/src/com/cloud/network/element/NuageVspElement.java --- @@ -395,65 +505,135 @@ public IpDeployer getIpDeployer(Network network) { @Override public boolean applyFWRules(Network network, List<? extends FirewallRule> rules) throws ResourceUnavailableException { - s_logger.debug("Handling applyFWRules for network " + network.getName() + " with " + rules.size() + " FWRules"); - if (rules != null && rules.size() == 1 && rules.iterator().next().getType().equals(FirewallRuleType.System)) { - s_logger.debug("Default ACL added by CS as system is ignored for network " + network.getName() + " with rule " + rules); + if (rules == null || rules.isEmpty()) { return true; } - return applyACLRules(network, rules, false); + + if (rules.size() == 1 && rules.iterator().next().getType().equals(FirewallRuleType.System)) { + if (s_logger.isDebugEnabled()) { + s_logger.debug("Default ACL added by CS as system is ignored for network " + network.getName() + " with rule " + rules); + } + return true; + } + + if (s_logger.isDebugEnabled()) { + s_logger.debug("Handling applyFWRules for network " + network.getName() + " with " + rules.size() + " FWRules"); + } + return applyACLRules(network, rules, false, rules.iterator().next().getTrafficType().equals(FirewallRule.TrafficType.Ingress), false); + } + + protected boolean applyACLRules(Network network, List<? extends InternalIdentity> rules, boolean isNetworkAcl, Boolean isAcsIngressAcl, boolean networkReset) --- End diff -- It seems like it would be useful to add some ``INFO`` logging to this method to explain successful application of rules to a Nuage device. We have a general issue that CloudStack operators are required to run ACS with ``DEBUG`` logging to understand the operation of the management server. It is best that we not add to that technical debt.
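Review bot: In the new `applyFWRules`, the ingress/egress flag passed to `applyACLRules` is taken from the first rule only, via `rules.iterator().next().getTrafficType().equals(FirewallRule.TrafficType.Ingress)`, so a list that mixes traffic types would be applied entirely under the first rule's direction, and a rule whose `getTrafficType()` returns null would throw a NullPointerException at this call. Either check that every rule in the list shares one traffic type before calling `applyACLRules`, or document that callers guarantee it, and put the constant on the left of the comparison so a null traffic type cannot throw. The new `applyACLRules` signature also takes three positional boolean flags, one of them a boxed `Boolean isAcsIngressAcl` next to primitive `boolean` parameters; if null is a meaningful value for that parameter it should be documented, otherwise use the primitive type so the call sites cannot pass null by accident.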